s8t getTimeTicks(mib_object_t* object, u8t* oid, u8t len)
{
object->varbind.value.u_value = getSysUpTime();
#if PDEBUG
printf("aktuelle Zeit mit clock time: %d",clock_time());
printf("aktuelle Zeit mit getSysUpTime: %d",getSysUpTime());
#endif
return 0;
}
void read_leases2(char *file)
{
FILE *fp;
unsigned int i = 0;
/*Start of Mod by y67514:time(0)取的系统时间会受SNTP影响,导致定时器混乱*/
time_t curr = getSysUpTime();
/*End of Mod by y67514:time(0)取的系统时间会受SNTP影响,导致定时器混乱*/
struct dhcpOfferedAddr lease;
if (!(fp = fopen(file, "r"))) {
LOG(LOG_ERR, "Unable to open %s for reading", file);
return;
}
while (i < server2_config.max_leases && (fread(&lease, sizeof lease, 1, fp) == 1)) {
if (lease.yiaddr >= server2_config.start && lease.yiaddr <= server2_config.end) {
leases2[i].yiaddr = lease.yiaddr;
leases2[i].expires = ntohl(lease.expires);
if (server2_config.remaining) leases2[i].expires += curr;
memcpy(leases2[i].chaddr, lease.chaddr, sizeof(lease.chaddr));
i++;
}
}
DEBUG(LOG_INFO, "Read %d leases", i);
if (i == server2_config.max_leases) {
if (fgetc(fp) == EOF)
/* might be helpfull to drop expired leases2 */
LOG(LOG_WARNING, "Too many leases while loading %s\n", file);
}
fclose(fp);
}
s8t prepareOutgoingMsg_USM(message_v3_t* message, u8t* output, u16t output_len, s16t* pos)
{
memcpy(&message->msgAuthoritativeEngineID, getEngineID(), sizeof(ptr_t));
message->msgAuthoritativeEngineBoots = getMsgAuthoritativeEngineBoots();
message->msgAuthoritativeEngineTime = getSysUpTime()/100;
encode_USM_parameters(message, output, output_len, pos);
return 0;
}
s8t processIncomingMsg_USM(u8t* const input, const u16t input_len, u16t* pos, message_v3_t* request)
{
/* If the value of the msgAuthoritativeEngineID field in the securityParameters is unknown, return usmStatsUnknownEngineIDs */
TRY(decode_USM_parameters(input, input_len, pos, request));
if (request->msgAuthoritativeEngineID.len != getEngineID()->len ||
memcmp(request->msgAuthoritativeEngineID.ptr, getEngineID()->ptr, getEngineID()->len)) {
TRY(report(request, &usmStatsUnknownEngineIDs, &usmStatsUnknownEngineIDCounter));
return ERR_USM;
}
/* check user name */
if (request->msgUserName.len != strlen((char*)getUserName()) || memcmp(request->msgUserName.ptr, getUserName(), request->msgUserName.len) != 0) {
TRY(report(request, &usmStatsUnknownUserNames, &usmStatsUnknownUserNamesCounter));
return ERR_USM;
}
if (request->msgFlags & FLAG_AUTH) {
#if ENABLE_AUTH
/* The timeliness check is only performed if authentication is applied to the message */
if (request->msgAuthenticationParameters.len != 12 || isBadHMAC(input, input_len, request) != ERR_NO_ERROR) {
TRY(report(request, &usmStatsWrongDigests, &usmStatsWrongDigestsCounter));
return ERR_USM;
}
#else
return FAILURE;
#endif
}
if (request->msgAuthoritativeEngineBoots != getMsgAuthoritativeEngineBoots() ||
abs(request->msgAuthoritativeEngineTime - getSysUpTime()) < TIME_WINDOW) {
TRY(report(request, &usmStatsNotInTimeWindows, &usmStatsNotInTimeWindowsCounter));
return ERR_USM;
}
if (request->msgFlags & FLAG_PRIV) {
#if ENABLE_PRIVACY
if (request->msgPrivacyParameters.len != 8) {
TRY(report(request, &usmStatsDecryptionErrors, &usmStatsDecryptionErrorsCounter));
return ERR_USM;
}
/* init IV */
u8t iv[16];
convert_2_octets(iv, request->msgAuthoritativeEngineBoots);
convert_2_octets(iv + 4, request->msgAuthoritativeEngineTime);
memcpy(iv + 8, request->msgPrivacyParameters.ptr, 8);
/* decode the Scoped PDU */
aes_process(getPrivKul(), iv, input + *pos, input + *pos, input_len - *pos, AES_DECRYPT);
#else
return FAILURE;
#endif
}
return 0;
}
/* the dummy var is here so this can be a signal handler */
void write_leases(int dummy)
{
FILE *fp;
unsigned int i;
char buf[255];
/*Start of Mod by y67514:time(0)取的系统时间会受SNTP影响,导致定时器混乱*/
time_t curr = getSysUpTime();
/*End of Mod by y67514:time(0)取的系统时间会受SNTP影响,导致定时器混乱*/
unsigned long lease_time;
dummy = 0;
if (!(fp = fopen(server_config.lease_file, "w"))) {
LOG(LOG_ERR, "Unable to open %s for writing", server_config.lease_file);
return;
}
for (i = 0; i < server_config.max_leases; i++) {
if (leases[i].yiaddr != 0) {
if (server_config.remaining) {
if (lease_expired(&(leases[i])))
lease_time = 0;
else lease_time = leases[i].expires - curr;
} else lease_time = leases[i].expires;
lease_time = htonl(lease_time);
fwrite(leases[i].chaddr, 16, 1, fp);
fwrite(&(leases[i].yiaddr), 4, 1, fp);
fwrite(&lease_time, 4, 1, fp);
fwrite(leases[i].hostname, 64, 1, fp);
//w44771 add for test
#ifdef SUPPORT_CHINATELECOM_DHCP
fwrite(&leases[i].port, 4, 1, fp);
#endif
}
}
fclose(fp);
if (server_config.notify_file) {
sprintf(buf, "%s %s", server_config.notify_file, server_config.lease_file);
system(buf);
}
}
int getTemperature(char* unit){
lastTempUpdate = getSysUpTime();
return GET_TEMPERATURE(unit);
}
/* send a DHCP OFFER to a DHCP DISCOVER */
int sendOffer(struct dhcpMessage *oldpacket)
{
struct dhcpMessage packet;
struct dhcpOfferedAddr *lease = NULL;
u_int32_t req_align, lease_time_align = server_config.lease;
char *req, *lease_time;
struct option_set *curr;
char * l_vdfoption[OPTION_LEN];
int l_ilen = 0;
struct in_addr addr;
#ifdef VDF_OPTION
//add for option125
char VIinfo[VENDOR_IDENTIFYING_INFO_LEN];
unsigned char StrOption121[OPTION121_LEN];
#endif
/*start A36D02806, s60000658, 20060906*/
struct option_set *opt = NULL;
u_int32_t router_ip = 0;
if(NULL != (opt = find_option(server_config.options, DHCP_ROUTER)))
{
router_ip = *(u_int32_t*)(opt->data + 2);
}
/*end A36D02806, s60000658, 20060906*/
init_packet(&packet, oldpacket, DHCPOFFER);
#ifdef SUPPORT_MACMATCHIP
if ( !ismacmatch(oldpacket->chaddr) )
{
packet.yiaddr = find_matchip(oldpacket->chaddr);
}
else
#endif
/* the client is in our lease/offered table */
if ((lease = find_lease_by_chaddr(oldpacket->chaddr))) {
/*Start of Mod by y67514:time(0)取的系统时间会受SNTP影响,导致定时器混乱*/
if (!lease_expired(lease))
lease_time_align = lease->expires - getSysUpTime();
/*End of Mod by y67514:time(0)取的系统时间会受SNTP影响,导致定时器混乱*/
packet.yiaddr = lease->yiaddr;
/* Or the client has a requested ip */
} else if ((req = get_option(oldpacket, DHCP_REQUESTED_IP)) &&
/* Don't look here (ugly hackish thing to do) */
memcpy(&req_align, req, 4) &&
/* and the ip is in the lease range */
ntohl(req_align) >= ntohl(server_config.start) &&
ntohl(req_align) <= ntohl(server_config.end) &&
#ifdef VDF_RESERVED
//and the ip is not the reserved ip
reservedIp(req_align)&&
#endif
#ifdef SUPPORT_MACMATCHIP
isipmatch(req_align) &&
#endif
/* and its not already taken/offered */
((!(lease = find_lease_by_yiaddr(req_align)) ||
/* or its taken, but expired */
lease_expired(lease)))) {
#ifdef SUPPORT_DHCP_FRAG
int tmpNum = 1, i =0;
if(1 == inmaster)
{
for(i = 0; i < 5; i++)
{
if(ntohl(req_align) >= ntohl(ipPool[i].start) &&
ntohl(req_align) <= ntohl(ipPool[i].end))
{
tmpNum = 0;
break;
}
}
}
#endif
/*start of DHCP 网关会分配自己的维护IP porting by w44771 20060505*/
/*packet.yiaddr = req_align; */
if((req_align != server_config.server)
#ifdef SUPPORT_DHCP_FRAG
&& (req_align != router_ip) && (1 == tmpNum))/*A36D02806, s60000658, 20060906*/
#else
&& (req_align != router_ip))/*A36D02806, s60000658, 20060906*/
#endif
{
packet.yiaddr = req_align;
}
else
{
#ifdef SUPPORT_DHCP_FRAG
if(1 == inmaster)
s8t processIncomingMsg_USM(u8t* const input, const u16t input_len, u16t* pos, message_v3_t* request)
{
/* If the value of the msgAuthoritativeEngineID field in the securityParameters is unknown, return usmStatsUnknownEngineIDs */
TRY(decode_USM_parameters(input, input_len, pos, request));
if (request->msgAuthoritativeEngineID.len != getEngineID()->len ||
memcmp(request->msgAuthoritativeEngineID.ptr, getEngineID()->ptr, getEngineID()->len)) {
TRY(report(request, &usmStatsUnknownEngineIDs, &usmStatsUnknownEngineIDCounter));
#if PDEBUG
printf("USM Modul: Error! Wrong Engine ID!\n");
#endif
return ERR_USM;
}
/* check user name */
if (request->msgUserName.len != strlen((char*)getUserName()) || memcmp(request->msgUserName.ptr, getUserName(), request->msgUserName.len) != 0) {
TRY(report(request, &usmStatsUnknownUserNames, &usmStatsUnknownUserNamesCounter));
#if PDEBUG
printf("USM Modul: Error! Wrong Username\n");
#endif
return ERR_USM;
}
/*sz*/
#if ENABLE_AUTH
if (!(request->msgFlags & FLAG_AUTH))
{
#if PDEBUG
printf("USM Modul: Error! User needs Authentication\n");
#endif
TRY(report(request, &usmStatsUnsupportedSecurityLevel, &usmStatsUnsupportedSecurityLevelCounter));
return ERR_USM;
}
#endif
/*sz*/
if (request->msgFlags & FLAG_AUTH) {
#if ENABLE_AUTH
/* The timeliness check is only performed if authentication is applied to the message */
if (request->msgAuthenticationParameters.len != 12 || isBadHMAC(input, input_len, request) != ERR_NO_ERROR) {
#ifndef DISABLE_HMAC
TRY(report(request, &usmStatsWrongDigests, &usmStatsWrongDigestsCounter));
#if PDEBUG
printf("USM Modul: Error! Authentication Failed!\n");
#endif
return ERR_USM;
#endif /* Disable HMAC */
}
#else
return FAILURE;
#endif
}
#if ENABLE_AUTH /*sz*/
#if PDEBUG
printf("Checking Engine Time getsysuptime()/100: %d\n",(getSysUpTime()/100));
printf("Request EngineTime:%d\n", request->msgAuthoritativeEngineTime);
printf("RequestTime - getSysUpTime/100: %d \n", (request->msgAuthoritativeEngineTime - (getSysUpTime()/100)));
printf("abs of RequestTime - getSysUpTime/100: %d \n",(abs(request->msgAuthoritativeEngineTime - (getSysUpTime()/100))));
printf("Checking if it is in the time window (1 if it is not!!!) %d\n", (abs(request->msgAuthoritativeEngineTime - (getSysUpTime()/100)) > TIME_WINDOW));
if (request->msgAuthoritativeEngineBoots == 0){
printf("USM Modul: request->msgAuthoritativeEngineBoots == 0\n");
}
if (request->msgAuthoritativeEngineBoots != getMsgAuthoritativeEngineBoots()){
printf("USM Modul: request->msgAuthoritativeEngineBoots != getMsgAuthoritativeEngineBoots()\n");
}
if (abs(request->msgAuthoritativeEngineTime - getSysUpTime()) < TIME_WINDOW){
printf("USM Modul: abs(request->msgAuthoritativeEngineTime - getSysUpTime()) < TIME_WINDOW\n");
}
if (getMsgAuthoritativeEngineBoots()>=2147483647){
printf("USM Modul: getMsgAuthoritativeEngineBoots()>=2147483647\n");
}
#endif
#if DISABLE_MAET == 0
if (request->msgAuthoritativeEngineBoots != getMsgAuthoritativeEngineBoots() ||
abs(request->msgAuthoritativeEngineTime - (getSysUpTime()/100)) > TIME_WINDOW ||
getMsgAuthoritativeEngineBoots()>=2147483647){
#endif
#if DISABLE_MAET == 1
if (request->msgAuthoritativeEngineBoots != getMsgAuthoritativeEngineBoots() ||
getMsgAuthoritativeEngineBoots()>=2147483647){
#endif
/*sz*/
/* Changed not working abs(request->msgAuthoritativeEngineTime - getSysUpTime()) < TIME_WINDOW)*/
/* to line above.
/* added line getMsgAuthoritativeEngineBoots()>=2147483647 in if above */
/* to stop the SNMP Agent when the maximum snmpEngineBoots is reached*/
/* and send an Not in Time Window Message back.*/
/*sz*/
TRY(report(request, &usmStatsNotInTimeWindows, &usmStatsNotInTimeWindowsCounter));
return ERR_USM;
}
/*sz*/
#endif /*#if ENABLE_AUTH*/ /*sz*/
#if ENABLE_PRIVACY
if (!(request->msgFlags & FLAG_PRIV))
{
#if PDEBUG
printf("USM Modul: Error! User needs Privacy\n");
#endif
TRY(report(request, &usmStatsUnsupportedSecurityLevel, &usmStatsUnsupportedSecurityLevelCounter));
return ERR_USM;
}
#endif
/*sz*/
if (request->msgFlags & FLAG_PRIV) {
#if ENABLE_PRIVACY
if (request->msgPrivacyParameters.len != 8) {
TRY(report(request, &usmStatsDecryptionErrors, &usmStatsDecryptionErrorsCounter));
return ERR_USM;
}
/* init IV */
u8t iv[16];
convert_2_octets(iv, request->msgAuthoritativeEngineBoots);
convert_2_octets(iv + 4, request->msgAuthoritativeEngineTime);
memcpy(iv + 8, request->msgPrivacyParameters.ptr, 8);
/* decode the Scoped PDU */
aes_process(getPrivKul(), iv, input + *pos, input + *pos, input_len - *pos, AES_DECRYPT);
#else
return FAILURE;
#endif
}
return 0;
}
static s8t encode_USM_parameters(message_v3_t* message, u8t* output, u16t buf_len, s16t* pos) {
if (message->msgFlags & FLAG_PRIV) {
#if ENABLE_PRIVACY
u8t iv[16];
/* IV */
convert_2_octets(iv, message->msgAuthoritativeEngineBoots);
convert_2_octets(iv + 4, message->msgAuthoritativeEngineTime);
/* privace parameters */
convert_2_octets(message->msgPrivacyParameters.ptr, getLPrivacyParameters());
convert_2_octets(message->msgPrivacyParameters.ptr, getHPrivacyParameters());
memcpy(iv + 8, message->msgPrivacyParameters.ptr, 8);
aes_process(getPrivKul(), iv, output + *pos, output + *pos, buf_len - *pos, AES_ENCRYPT);
TRY(ber_encode_type_length(output, pos, BER_TYPE_OCTET_STRING, buf_len - *pos));
#else
return FAILURE;
#endif
}
s16t tmpPos = *pos;
TRY(ber_encode_fixed_string(output, pos, message->msgPrivacyParameters.ptr, message->msgPrivacyParameters.len));
TRY(ber_encode_fixed_string(output, pos, message->msgAuthenticationParameters.ptr, message->msgAuthenticationParameters.len));
message->msgAuthenticationParameters.ptr = &output[*pos + 2];
TRY(ber_encode_fixed_string(output, pos, message->msgUserName.ptr, message->msgUserName.len));
TRY(ber_encode_integer(output, pos, BER_TYPE_INTEGER, message->msgAuthoritativeEngineTime));
TRY(ber_encode_integer(output, pos, BER_TYPE_INTEGER, message->msgAuthoritativeEngineBoots));
TRY(ber_encode_fixed_string(output, pos, message->msgAuthoritativeEngineID.ptr, message->msgAuthoritativeEngineID.len));
TRY(ber_encode_type_length(output, pos, BER_TYPE_SEQUENCE, tmpPos - *pos));
TRY(ber_encode_type_length(output, pos, BER_TYPE_OCTET_STRING, tmpPos - *pos));
return 0;
}
s8t prepareOutgoingMsg_USM(message_v3_t* message, u8t* output, u16t output_len, s16t* pos)
{
memcpy(&message->msgAuthoritativeEngineID, getEngineID(), sizeof(ptr_t));
message->msgAuthoritativeEngineBoots = getMsgAuthoritativeEngineBoots();
message->msgAuthoritativeEngineTime = getSysUpTime()/100;
encode_USM_parameters(message, output, output_len, pos);
return 0;
}
